const router = require("express").Router();
const { body } = require("express-validator");
const validate = require("../middleware/validate");
const { loginLimiter } = require("../middleware/rateLimiter");
const { auth } = require("../middleware/auth");
const ctrl = require("../controllers/auth.controller");

// 注册
router.post(
    "/register",
    [
        body("username").isLength({ min: 2, max: 32 }),
        body("email").isEmail(),
        body("password").isLength({ min: 6 }),
    ],
    validate,
    ctrl.register
);

// 登录（限流）
router.post(
    "/login",
    loginLimiter,
    [
        body("emailOrUsername").notEmpty(),
        body("password").isLength({ min: 6 }),
    ],
    validate,
    ctrl.login
);

// 刷新令牌
router.post(
    "/refresh",
    [body("refreshToken").notEmpty()],
    validate,
    ctrl.refresh
);

// 注销：吊销刷新令牌
router.post("/logout", ctrl.logout);

// 获取当前用户
router.get("/me", auth(true), ctrl.me);

module.exports = router;
